Secure Privacy Email Options 2019

In this article on secure privacy email options we look at various ways to make your email more… well… secure and private. We pay particular attention to the relatively new breed of end-to-end encrypted webmail services, but also survey the pros and cons of more traditional alternatives.

Email is not private or secure

As a technology, email was not designed with privacy or security in mind. The need for such, in fact, never crossed the minds of the early pioneers of networking. So when it later became clear that internet consumers were unwilling to pay for the hugely expensive and complex technologies they use every day with hardly a second thought, email providers had an easy way at hand to monetize their services.

The most successful business model was developed by Google, which realized that an individual’s personal data is incredibly valuable. The more of it you collect, the more valuable it is. 

After all, if you have a good idea of what a person does and doesn't like, where they go, what their hobbies are, and who they hang out with, then it is easy to target them with products and services that they are likely to be interested in purchasing. Cha-ching!

In addition to using its search engine to track users’ interests, Google scans all emails sent via its Gmail service. Note that this means emails not only belonging to Gmail users, but any emails sent to Gmail users from other email services!

In 2017 Google somewhat disingenuously announced that it would no longer scan emails in order to target users with tailored ads, but this does not mean it has stopped scanning emails for other purposes. Its much-touted AI-based smart reply feature proves this beyond all doubt, as does its full list of everything you have purchased from any online retailer since 2015!

Government spying

Whatever the situation with Google, it is normal for email services to scan users’ emails for advertising purposes. After all, how else can such expensive-to-run services be offered “free” to end users?

And what can be collected for advertising revenue is also incredibly valuable to “collect it all” security agencies such as the NSA.

Google cooperated with the NSA to spy on its users for years, and only stopped when caught with its pants down by Edward Snowden’s revelations in 2013. Or at least it claims to have stopped. Yahoo, on the other hand, continued to betray its users to the NSA right up until at least October 2016.

Pay for It!

So what can those of us who value our privacy use instead? Although some of the options listed below are, in fact, free, the first thing we all need to do is lose our attachment to free services. 

As the old adage goes, “if you aren’t paying for a product, then you are the product.”

It costs a lot of money and time to run an email service, so you need to consider very carefully how that service is funded. Services such as RiseUp and Autistici are run by politically motivated activists, and are designed primarily to provide privacy for similarly minded activists.

Such services are willing to run at a financial loss thanks to the political ideology of their founders. As such, they are small and not very well-funded. Users should certainly consider donating towards them if they can afford to do so.

PGP (which we discuss later in this article) is free because OpenPGP is an open source technology, rather than a service that needs to be operated and maintained at cost. 

PGP-encrypted emails can be securely sent over any regular email service, but the simple reality is that very few of your contacts (if any) will also use PGP. This means that you will still require a private email service for day-to-day use…

All Browser-based encryption is insecure

Webmail services are very convenient, as they can be easily accessed from within any web browser. Unfortunately, cryptography in browsers is implemented using JavaScript, and JavaScript cryptography in browsers is inherently insecure.

This is because a compromised server or man-in-the-middle attack can push compromised encryption keys to both your and your recipient’s browsers.

Does this make webmail services useless? No. It all depends on your threat model. For most users, they are probably absolutely fine. But no webmail service is going to be anywhere near as secure as using PGP with a dedicated email client… at least if accessing the emails in your browser.

If you access an encrypted webmail service via its mobile app or a dedicated email client only (i.e. not through a browser), then this issue does not apply. 

Use Signal Instead

“I have recently come to the conclusion that e-mail is fundamentally unsecurable. The things we want out of e-mail, and an e-mail system, are not readily compatible with encryption. I advise people who want communications security to not use e-mail, but instead use an encrypted message client like OTR or Signal.” - Bruce Schneier

Encrypted messaging apps are much easier to use than PGP (what isn’t?!), and are much more secure than any kind of email. Signal messenger is widely regarded as the most secure way to communicate with another person yet devised, short of actually whispering something into their ear.

Signal is, therefore, the best solution currently available for keeping the actual contents of messages secure. OTR is also a good option for desktop users.

End-to-end (e2e) privacy email services

Why use a privacy-focused email service?

If you need a conversation to be as private as possible then use Signal, not email. But email is not going away, and remains the single most popular means of communicating on the planet. Using a private and secure email service of the kind described below means:

  • The service will not scan your emails (for advertising or any other purpose)
  • The service uses end-to-end encryption (e2ee). You encrypt and decrypt your emails on your own device so that neither your email provider nor the NSA can access them.
  • The service is ad-free

ProtonMail

Price: Free (500 MB/1 address), $5 per month (5 GB/5 addresses).


Features:

  • Based in Switzerland
  • Uses PGP encryption
  • Open source code has been audited
  • Can send (and receive) encrypted emails to non-ProtonMail users
  • Self-destruct emails
  • Apps for Android and iOS
  • Supports two-factor authentication (2FA)
  • Tor .onion address
  • Strips IP from sent emails
  • Attachments encrypted
  • Accepts payment in bitcoins
  • Can use own domain
  • Ad free
  • Can import contacts
  • No personally identifiable logs
  • Full PGP support
  • GDPR compliant
  • Qualys SSL Rating: A

Downsides:

  • Free (not paid) users may be asked to verify identity

ProtonMail was the first in a post-Snowden “new-wave” of webmail services that aim to provide all the functionality of Gmail and its ilk, but which respect users’ privacy and provide full end-to-end encryption (e2ee) for emails.

Users can send anyone an encrypted email, to which they can also respond securely.

ProtonMail is based in Switzerland, which has strong privacy laws and is outside the NSA and GCHQ’s direct area of influence. Being based there is therefore usually considered a strong feature of the service. 

Newly passed government surveillance laws are worrying, however, and despite reassurances from ProtonMail, it is still unclear if these laws affect services such as ProtonMail.  

The great news is that in 2018 ProtonMail introduced full OpenPGP support. This means users can send PGP-encrypted emails to non-ProtonMail contacts, and open PGP-encrypted emails sent to their ProtonMail account.

Please see our ProtonMail Review for an in-depth look at this service. 

Tutanota

Price: Free (1 GB/1 address), $1.35 per month (1 GB (expandable)/5 addresses).


Features:

  • Based in Germany
  • Open source
  • Subject line encrypted
  • Uses 128-bit AES encryption with RSA-2048 handshake and perfect forward secrecy
  • TLS connection with DANE and PFS
  • Can send (and receive) encrypted emails to non-Tutanota users
  • Self-destruct emails
  • Apps for Android and iOS
  • Strips IP from sent emails
  • Attachments encrypted
  • Accepts payment in bitcoins
  • Can use own domain
  • Ad free
  • GDPR compliant
  • Qualys SSL Rating: A+ with HSTS and PFS

Downsides:

  • No PGP support
  • No contact import
  • Logs kept for five days
  • No 2FA

Similar in many ways to ProtonMail, Tutanota is based in Germany. The country has strict privacy laws, but also practices widespread surveillance of its own, provides the base for the NSA’s extensive European operations, and is known to collaborate with the NSA. But all emails are stored e2e encrypted, so this shouldn’t matter.

Tutanota encrypts messages with an AES-128 cipher, RSA-2048 handshake, and perfect forward secrecy, rather than using PGP. This enables it to encrypt email subject lines when sent to other Tutanota users, but means the system is not interoperable with “regular” PGP users.

Posteo

Price: €2 per month (expandable).


Features:

  • Based in Germany
  • Calendar
  • Supports 2FA (TOTP)
  • Open source code has been audited
  • Server hard drives encrypted with AES (bit size unspecified)
  • Uses 100% green energy
  • Anonymous signup and payment
  • Strips IP from sent emails
  • Ad free
  • Contact import
  • e2e support via OpenPGP and S/MIME within browser
  • Qualys SSL Rating: A+ with HSTS and PFS

Downsides:

  • No mobile apps
  • Logs kept for seven days
  • Cannot use own domain name

Also based in Germany, Posteo is a somewhat different beast to Tutanota and ProtonMail. It is a secure email service that encrypts its server connections with TLS (using DANE and perfect forward secrecy), and stores all emails on AES-encrypted hard drives (key size unknown).

By default, Posteo is not an e2e encrypted service. e2e email encryption is supported, however, via “one-click” OpenPGP and S/MIME support within the browser. Recipients must have the same kind of encryption software installed on their computers (OpenPGP or S/MIME, whichever is used), but need not be Posteo users.

Posteo also runs its own PGP key directory, which is more private than conventional PGP key servers. The Roundcube web interface works well inside mobile browsers, but Posteo has no dedicated mobile apps. IMAP support, however, means that third-party email apps can be used with the service.

In 2013 this service proved its privacy chops by successfully resisting demands by the police for the identity of a Posteo account holder who was thought to be using the service for illicit purposes. The fact that it does not store any data on its customers' identities made handing over such information impossible.

Mailfence

Price: Free (500 MB / 1 address), €2.50 per month (5 GB / 10 addresses), €7.50 per month (20 GB / 50 addresses)


Features:

  • Based in Belgium
  • e2ee via integrated PGP support
  • Compatible with other PGP users
  • e2ee support for non-PGP users via shared secret
  • Calendars
  • Encrypted document storage
  • Import contacts
  • 2FA support
  • Open source cryptography app (JavaScript) has been audited
  • Strips IP address from sent emails 
  • Supports POPS, IMAPS, and SMTPS
  • Supports custom domains
  • GDPR compliant
  • Qualys SSL Rating: A+ with HSTS and PFS

Downsides:

  • Not open source
  • Logs lots of metadata
  • No mobile apps

Mailfence is based in Belgium, a country with strong privacy laws and no track record of cooperation with the NSA and GCHQ. ISPs are required to perform extensive blanket data retention, but access to this data is strictly regulated and requires a warrant. 

Mailfence uses easy “one-click” OpenPGP encryption to secure emails, and emails sent to other Mailfence users are encrypted automatically (and do not leave Mailfence’s servers). 

Emails to non-members can be sent encrypted by PGP, or sent unencrypted but digitally signed with a PGP key. Alternatively, symmetric-encrypted emails can be sent to non-PGP users using a shared secret to secure them.

And because Mailfence uses a standard implementation of OpenPGP with full key management available, the service is interoperable with “regular” PGP users. Mailbox runs its own key server. PGP keys are generated in the browser and stored on Mailfence’s servers using an AES-256 cipher.

The browser-based PGP encryption is open source, but much of the backend environment is closed source.  Deleted messages are kept for two weeks for backup purposes. More worrying is that Mailfence logs all email metadata, including “IP addresses, message-ID’s, sender and recipient addresses, subjects, browser versions, countries and timestamps.”  

A big draw for this service is that it provides secure and exportable calendars and secure document storage.

Unfortunately, Mailfence does not currently offer any mobile apps, although messages can be synced to iOS and Android devices using Microsoft Exchange ActiveSync, and support for POP and IMAP means you can use third-party apps with the service (paid users only). It also offers a cut-down web interface specially designed for mobile devices.

StartMail

Price: 7-day free trial, $59.95 annually (10GB storage / 10 addresses).


Features:

  • Based in the Netherlands
  • One-click PGP encryption
  • Can send encrypted emails to anyone
  • 2FA support
  • Unlimited disposable email addresses
  • IMAP and SMTP support
  • GDPR compliant
  • Can import contacts from many email services
  • IP addresses and hostnames are obfuscated
  • Qualys SSL Rating: A+ with HSTS and PFS

Downsides:

  • Not true e2e encryption
  • Uses a mix of open source and closed source code
  • The Netherlands has passed new surveillance laws

StartMail is a privacy email service operated by the people who also run the StartPage privacy search engine. 

Because of its integrated use of PGP, StartMail is fully interoperable with other PGP users. It is also possible to send encrypted emails to non-PGP users, who must know a secret chosen by you in order to open the email.

One of the most notable features of this service is that PGP encryption is performed serverside. In other words, it is not end-to-end. StartPage cites the very real problems with JavaScript-based browser encryption that we discussed in the introduction to this article as the reason for this, but it is undoubtedly a controversial decision. 

This situation is not helped by the fact that StartPage uses a mix of both open source and closed source components.

StartMail is based in the Netherlands. Much like Switzerland, this is a country traditionally seen as privacy-friendly but which has recently passed alarming new surveillance laws.

One thing we really like with StartMail is the ability to create unlimited disposable email addresses. There are no dedicated mobile apps, but full IMAP and SMTP support means you can use any third party email app with the service. 

mailbox.org

Price: 30-day free trial, €1 per month (2GB mail storage, 3 addresses), €2.50 per month (5GB mail storage, 25 addresses). Pricing can be personalized to your needs.


Features:

  • PGP encryption (either serverside for ease or using Mailvelope)
  • PGP encrypted mailbox to secure all stored emails
  • Based in Germany
  • Can use own domain
  • 100% powered by eco-friendly energy
  • GDPR compliant
  • IMAP, POP and ActiveSync support
  • Qualys SSL Rating: A+ with HSTS and PFS

Downsides:

  • No e2ee unless using Mailvelope (but which is pre-configured for mailbox.org)
  • Metadata remains visible

Like Tutanota, mailbox.org is based in Germany. The country has strict privacy laws, but also practices widespread surveillance of its own, provides the base for the NSA’s extensive European operations, and is known to collaborate with the NSA.

PGP encryption can be performed serverside for convenience, but this is not end-to-end. mailbox.org mitigates this problem by also requiring a password to access encrypted emails, which is known only to the account user. A certain level of trust is still required, however.

Alternatively, you can e2e encrypt PGP emails in your browser using the Mailvelope browser add-on, which has been pre-configured to work with mailbox.org without requiring any further configuration steps.

All sent and received emails are optionally stored in a PGP-encrypted Guard mailbox. Unencrypted emails are still vulnerable to interception during transit, but should be secure at rest. As with its serverside full PGP encryption of individual emails, Guard mailboxes are further secured by a password that only the user knows.  

There are no mobile apps, but mailbox.org supports IMAP and POP for use with third party email apps. Contacts and calendars can be synched to mobile via ActiveSync.

Neomailbox

Price: $49.95 annually (1GB mailbox, 1 address), $79.95 per year (5GB mailbox, 1 address), additional pricing tiers expand the mailbox up to 40GB ($240.95).


Features:

  • OpenPGP encryption for stored emails
  • Support for IMAP, SMTP, POP3 
  • Strips IP address from sent emails
  • Can use custom domain name
  • Alternate ports to enable use through firewalls
  • Unlimited aliases at your own unique subdomain
  • Qualys SSL Rating: A

Neomailbox is based in Switzerland. As we discuss in our look at ProtonMail, uncertainty over how its new surveillance laws will be exercised undermines this country’s traditional reputation for being privacy friendly.

Neomailbox does not allow you to send or receive PGP-encrypted emails, but it does provide the option to automatically encrypt emails stored on its servers using your public PGP key. This means Neomailbox cannot access your emails, but requires the use of external tools such as Mailvelope or Gpg4win in order to generate your PGP key pair.

Unlimited aliases are permitted with no advance setup, although these all use your unique subdomain name. These aliases can be blocked and unblocked at will, making them ideal for use as disposable addresses. 

Honorable mentions

Disroot and Runbox are privacy-friendly email services that store emails on encrypted hard drives. They do not, however, offer any form of end-to-end encryption. Kolab Now is also a privacy-friendly email service, but does not store emails encrypted.

When we initially published this article some three years ago the recently resurrected Lavabit service looked promising. Most of the promised privacy and security features have yet to materialize, however, and we have difficulty recommending any service based in the US (as evidenced rather dramatically by Lavabit's own initial demise!).

Pretty Good Privacy (PGP)

PGP was developed as a protocol for securely encrypting emails, and although the original standard is no longer open source (it is now the property of Symantec), the Free Software Foundation has taken up the open source banner in the form of the 100 percent interoperable OpenPGP standard.

The most traditional (and still the most secure) way to use PGP is GNU Privacy Guard (also known as GnuPG or just GPG). This is available for Windows, macOS, and Linux, and is used with a standalone email client such as Claws Mail or Thunderbird.

Although the basic program uses a simple command line interface, more sophisticated versions are available for Windows (Gpg4win) and Mac (GPGTools). We have a guide to securing your email with Gpg4win elsewhere. It may well be worth reading through it to help understand how OpenPGP works.

Note that with PGP, the metadata (the email addresses of sender and recipient, the date and time of sending, and the email’s subject line) is not encrypted; only the body and any attachments are. Any service that wishes to be compatible with PGP will necessarily suffer the same limitations.
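To make the metadata point concrete, here is an added example (not from the original article or any of the services reviewed) that parses PGP-encrypted messages with Python's standard library and reports what any mail server handling them can still read. Both sample messages, the addresses, the subject and the placeholder "ciphertext" are constructed; `audit_message` is a hypothetical helper name. It goes slightly beyond the text by covering inline PGP as well as PGP/MIME.

```python
from email import message_from_string

ARMOR = "-----BEGIN PGP MESSAGE-----"
# Headers that mail servers read in transit; OpenPGP leaves them untouched.
ENVELOPE_HEADERS = ("From", "To", "Cc", "Date", "Subject", "Message-ID")

# Constructed PGP/MIME (RFC 3156) message; all values are made up.
SAMPLE_PGP_MIME = """\
From: alice@example.org
To: bob@example.net
Date: Mon, 04 Feb 2019 10:15:00 +0000
Subject: Offer letter for J. Smith
Message-ID: <constructed-1@example.org>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----

--b1--
"""

# Constructed inline-PGP message sent without a Subject header.
SAMPLE_INLINE = """\
From: alice@example.org
To: bob@example.net
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
"""


def audit_message(raw):
    """Report which parts of a message are encrypted and which are not."""
    msg = message_from_string(raw)
    is_pgp_mime = (
        msg.get_content_type() == "multipart/encrypted"
        and msg.get_param("protocol") == "application/pgp-encrypted"
    )
    # Leaf MIME parts whose payload carries ASCII-armored OpenPGP data.
    armored = [p for p in msg.walk()
               if not p.is_multipart() and ARMOR in p.get_payload()]
    if is_pgp_mime:
        fmt = "pgp-mime"
    elif armored:
        fmt = "inline-pgp"
    else:
        fmt = "plaintext"
    cleartext = {h: msg[h] for h in ENVELOPE_HEADERS if msg[h] is not None}
    warnings = []
    if fmt != "plaintext" and cleartext.get("Subject", "").strip():
        warnings.append("Subject travels unencrypted: " + cleartext["Subject"])
    return {"format": fmt, "encrypted_parts": len(armored),
            "cleartext_headers": cleartext, "warnings": warnings}


if __name__ == "__main__":
    for sample in (SAMPLE_PGP_MIME, SAMPLE_INLINE):
        report = audit_message(sample)
        print(report["format"], report["encrypted_parts"], "encrypted part(s)")
        for name, value in report["cleartext_headers"].items():
            print("  readable by servers:", name, "=", value)
        for warning in report["warnings"]:
            print("  WARNING:", warning)
```
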

Another problem with PGP is that it does not use Perfect Forward Secrecy (PFS). So once keys for one encrypted email are broken, all other emails encrypted using the same keys will also be compromised. This is an area where e2e PGP email web services shine, because use of Diffie-Hellman or ECDH key exchanges in their TLS connections introduces PFS.

We should note that this is a problem that affects all implementations of PGP, including by the email providers listed in this article.

Mailvelope - making PGP easier

Even a casual glance through our Gpg4win guide will amply demonstrate why PGP has not caught on with the public. It is complex to the point of being confusing and is hard to get right. Most of the e2e webmail services listed above use PGP, but aim to make it as user-friendly and “idiot-proof” as possible.

In this, they are largely successful, but at a price in security. As already discussed, browser-based cryptography is deeply flawed. A third option exists, however, that provides something of a “middle way”.

Mailvelope is an OpenPGP browser plugin that is much easier to use than the more traditional setup (although not as easy as “one-click” webmail solutions). Although it does suffer from the same weakness as other browser-based cryptography, it mitigates this by allowing you to validate a key pair by comparing fingerprints with the sender.

This does not completely solve the problem if the developers of Mailvelope attempt to push out malicious updates, but does go a long way towards it. So in theory, Mailvelope allows secure and easy(ish) email PGP encryption within your browser, even when using services such as Gmail.
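The fingerprint comparison described above can be sketched as follows. This is an added example, not Mailvelope's code: it computes an OpenPGP version 4 fingerprint as defined in RFC 4880 (SHA-1 over the framed public-key packet) and checks it against a fingerprint obtained from the contact over another channel. The two toy RSA keys and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct


def v4_fingerprint(packet_body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, 2-byte length, packet body."""
    if len(packet_body) < 6 or packet_body[0] != 4:
        raise ValueError("only version 4 public-key packets are handled")
    framed = b"\x99" + struct.pack(">H", len(packet_body)) + packet_body
    return hashlib.sha1(framed).hexdigest().upper()


def normalize_fingerprint(text: str) -> str:
    """Accept spaced or lower-case input; refuse anything but a full fingerprint."""
    cleaned = "".join(text.split()).replace(":", "").upper()
    if len(cleaned) != 40 or any(c not in "0123456789ABCDEF" for c in cleaned):
        # Short 8- or 16-digit key IDs are not unique enough to verify a key.
        raise ValueError("expected a full 40-hex-digit fingerprint")
    return cleaned


def fingerprints_match(packet_body: bytes, from_contact: str) -> bool:
    """True only if the received key hashes to the fingerprint the contact gave."""
    return hmac.compare_digest(v4_fingerprint(packet_body),
                               normalize_fingerprint(from_contact))


def grouped(fingerprint: str) -> str:
    """Format as ten groups of four, the way fingerprints are usually read out."""
    return " ".join(fingerprint[i:i + 4] for i in range(0, 40, 4))


def mpi(value: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 public-key packet: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


# Constructed toy keys (far too small for real use). The second stands in for
# a key substituted by a compromised server or a man-in-the-middle.
CREATED = 1546300800
GENUINE_KEY = rsa_public_key_body(CREATED, (1 << 127) - 1, 65537)
SUBSTITUTED_KEY = rsa_public_key_body(CREATED, (1 << 127) + 45, 65537)

if __name__ == "__main__":
    read_aloud = grouped(v4_fingerprint(GENUINE_KEY)).lower()
    print("contact reads out:", read_aloud)
    print("genuine key accepted:", fingerprints_match(GENUINE_KEY, read_aloud))
    print("substituted key accepted:", fingerprints_match(SUBSTITUTED_KEY, read_aloud))
```
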

However…

A major problem that is not well advertised by most articles on the subject is that services such as Gmail regularly save drafts of emails as they are being composed. This means that even if the final sent version of an email is fully encrypted, there will exist on Google’s servers multiple unencrypted draft versions of that email! This is not good.

We therefore strongly recommend that, if using Mailvelope with services such as Gmail, you compose emails in a separate text editor, and then paste the text into the email just prior to encryption.

Self-hosted email

A more extreme option to all the above is to self-host your own email server. This can be done either on your own PC, or on a rented server. Doing so pretty much guarantees that Google etc. will not be snooping on your emails (at least directly – they will still be able to read unencrypted emails sent to other users of their services).

Setting up and maintaining your own email server, however, is a non-trivial job for even the more technically-inclined. And ensuring that it is secure is even harder. In fact, if not done right, running your own email server can be actively dangerous as it can provide a false sense of security.

Which is not to say it is impossible. And there are certainly privacy fanatics out there who swear by self-hosting their email. This is, indeed, a subject we may write a guide to at some point in the future!

Software such as Mail-in-a-Box and Mailcow make the job easier by automating the process, but for maximum security, you should build your own server from scratch (so to speak). Great tutorials on how to do this can be found here and here.

Image credit: wk1003mike/shutterstock.com
Image credit: xaedes & jfreax & Acdx, PGP diagram, CC BY-SA 3.0

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at ProPrivacy.com. Widely quoted on issues relating to cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.

26 Comments

  1. michelle

    on June 24, 2018

    I have had the neighbours from hell in the north of the UK, hacking all my emails for 4 years. They have been harassing me to death, stalking me at home and leaking all my personal information they get from my emails. It doesn't really help to pay for an encrypted email service if your Dell/Intel computer and Bill Gates team have granted a back access to let hackers target your laptop daily.

  2. Pooter

    on June 8, 2018

    I am considering Startmail, I just want to clarify concerns about their .com domain. It was mentioned somewhere that in theory the USA could seize the domain - what in effect does that mean, and if they did seize it could they do so without us Europeans knowing it had been seized? I just want an email service which stays in Europe, not spied on by those other people. Just my sense of privacy, not interested in PGP etc.

    1. Pooter replied to Pooter

      on June 13, 2018

      If you sign up for posteo using the Deutsch page you will get a .de account!

    2. Pooter replied to Pooter

      on June 10, 2018

      Thanks, that's partly reassuring. Can I complicate the question - some email providers only offer the main address as .com, but allow several aliases with choices of .de, .nl etc. Could one then safely avoid the hazard by only using the aliases, even if all emails received by these aliases go into the same inbox, which is the main .com one, if that makes sense?

      1. Douglas Crawford replied to Pooter

        on June 11, 2018

        Hi Pooter, Not if the aliases simply redirect to the main .com domain. As I say, though, this is not a major problem because StartMail (or any other company) could simply use another domain if needed. This is exactly what happened for years with infamous torrent site The Pirate Bay - its domains kept on being seized (including .com), but it kept on just switching to new domains without any interruption to its service. Indeed, its enemies seem to have given up seizing its domains (for now) as even though it was seized in the past, it has kept its current .org domain for quite a while.

    3. Douglas Crawford replied to Pooter

      on June 9, 2018

      Hi Pooter, Seizing the domain would simply mean that you would not be able to access the service using the domain name startmail.com. It would in no way affect the service itself, and would not compromise it in any way. Europeans would know because they would not be able to access the service on that domain. In such a situation it would be easy enough for Startmail to set up an alternative domain that is not under US control (for example .eu or .nl).

  3. Shane

    on June 5, 2018

    Another provider that I have found with a good privacy focus is thexyz. Although they are based in Canada I like their stance on privacy with no ads, trackers etc. I have also found it to be very reliable with solid spam filtering.

  4. Alan

    on April 29, 2018

    Hi Douglas, I just found your site via Google. I'm torn between Posteo or Tutanota. Really like the look of Posteo but it doesn't come with an Android app. I'm sure both services have had major updates since your review. Which of the 2 services above would you choose for privacy in 2018? I'd really appreciate your input. Thanks :)

    1. Douglas Crawford replied to Alan

      on April 30, 2018

      Hi Alan, They are both good services, so you just need to decide which features matter to you more. True e2e messaging, self-destruct emails and great mobile apps? Choose Tutanota. A simpler and more conventional (but privacy focused) email service with integrated “one-click” OpenPGP? Choose Posteo. For me the Android app swings in Tutanota's favor, but it is a close call.
